Windows 7 – New Zero-Day Vulnerability

For the past few years, we have been advising clients to upgrade from Windows 7 to Windows 10, and now that our clients are protected it turns out that a new critical vulnerability exists impacting Windows 7 with currently no fix in sight.

While some of these vulnerabilities were identified way back in 2015, they are now actively being exploited in the environment.

For clients that pay for extra support from Microsoft’s Windows 7 Extended Security Updates (ESU) there is no fix available, and this vulnerability is actively being targeted in the wild. If you are running Windows 7 without ESU I suggest you reach out to a Microsoft partner like Demand ITS Inc.

While this may also impact Windows 10, the risks are reduced due to enhanced security measures applied in 2015. There are currently no known attacks targeting Windows 10 at this time.

Disable Preview Pane in Explorer

Click on Organize in Windows Explorer

Click Layout, and uncheck ‘Preview Pane

Disable Web Client Service

Click Start>Control Panel. Alternatively, point to Settings, and then click Control Panel.